[Sandia Lab News]

Vol. 50, No. 20        October 9, 1998
[Sandia National Laboratories]

Albuquerque, New Mexico 87185-0165    ||   Livermore, California 94550-0969
Tonopah, Nevada; Nevada Test Site; Amarillo, Texas

World's smallest combination lock, developed at Sandia, promises to foil computer hackers

By Bill Murphy

The world's "smallest combination lock," a minuscule mechanical device developed at Sandia, promises to build a virtually impenetrable computer firewall that even the best hacker can't beat.

The Recodable Locking Device, which uses microelectromechanical system (MEMS) technology so small that it takes a microscope to see it, is a series of tiny notched gears that move to the unlocking position only when the right code is entered. It's the first mechanical hardware designed to keep unwanted guests from breaking codes and illegally entering computer and other secure systems.

"Computer firewalls have always been dependent on software, which means they are 'soft' and subject to manipulations," says Larry Dalton, Manager of High Integrity Software Systems Engineering Dept. 2615. "This device is hardware and is extremely difficult to break into. You have one and only one chance in a million of picking exactly the right code compared to a one-in-10,000 chance, with many additional chances, in most software firewalls. After one failed try, this new device mechanically shuts down and can't be reset and reopened except by the owner."

Larry; David Plummer, Manager of Electromechanical Engineering Dept. 2643; and Frank Peter, a mechanical engineer in 2643, recently filed for a patent for the mechanism. The first working units were fabricated in July.

The Sandia team, which is still refining the device and doing reliability tests, expects to have it ready for commercialization in about two years. Once the device is perfected, a commercial partner will be tapped to produce and sell it. At Sandia the work is funded by National Security Programs Div. 5000, through the Strategic Surety Program, which is managed by Laura Gilliom (6232).

"We believe the Recodable Locking Device will be of great interest to businesses and individuals who have computer networks, have sites on the Web, or require secure computers," Frank says. "It would make it virtually impossible for break-ins to Web sites, like what occurred with the New York Times a few weeks ago."

Computer crime is a growing problem nationwide. The Computer Security Institute together with the Federal Bureau of Investigation (FBI) recently conducted a survey of 520 security practitioners in US corporations, government agencies, financial institutions, and universities. Results showed that 64 percent of the respondents reported computer security breaches within the last 12 months. And although 72 percent acknowledged suffering financial losses from these security breaches, only 42 percent were able to quantify their losses -- estimating them to be more than $136.8 million.

Larry says he "had the notion" of the device for three years, calling it the "digital isolation and incompatibility" project. Digital was for the digital world, and isolation and incompatibility are important concepts in stronglinks, which are mechanical locks used as safety devices in weapons.

He turned to Electromechanical Engineering Dept. 2643, headed by David, to do the design because of that group's expertise in stronglinks as well as its ability to design using the new MEMS technology.

"It took about three months to go from concept to the final design," says Frank, device designer. "Based on a code storage scheme used successfully in existing weapon surety subsystems, we were able to design a very simple device -- and it's the simplicity of the device that makes it easy to analyze from a vulnerability standpoint."

The Sandia Microelectronics Development Laboratory (MDL) used Frank's design to build a working device, which consists of a series of six code wheels, each less than 300 microns in diameter, driven by electrostatic comb drives that turn electrical impulses into mechanical motion. The "lock owner" sets a lock combination to any value from one to one million. The entire device is about 9.4 millimeters by 4.7 millimeters, about the size of a button on a dress shirt.

The Recodable Locking Device consists of two sides -- the user side and the secure side. To unlock the device, a user must enter a code that identically matches the code stored mechanically in the six code wheels. If the user makes even one wrong entry -- and close doesn't count -- the device mechanically locks up and does not allow any further tries until the owner resets it from the secure side.

The six gears and the comb drives would be put on a small chip that could be incorporated into any computer, computer network, or security system. Because it is built using integrated circuit fabricating techniques, hundreds can be constructed on a single six-inch silicon wafer. The end result is that the device will be inexpensive to produce.

David says Sandia is the "only place on the planet" where development of such a mechanism could have occurred.

"That's due to the unique multilevel polysilicon fabrication process developed by Dept. 1725 and our heritage of designing mechanical locking devices," he says.

Besides being a deterrent to hackers, the device has other security applications, Frank says. For example, controlled information could be made available only in a window of opportunity. The information owner could tell the party needing the data that he or she has five minutes to enter in a specific code and gain access. Then, after five minutes, the code would be reset and access would be denied.

A variety of potential safety applications are also associated with the Recodable Locking Device. The mechanism can confirm that a critical system is operating as expected. And if it detects a problem, it will not permit execution of a function. In this safety capacity, the device could be used, for example, to ensure that a radiation therapy machine delivers the correct dosage of radiation or as a control mechanism in deregulated commercial power generation.

"This device has a powerful potential -- one that is readily understood by everyone," Larry says. "I've even been told by DoD personnel that this is the first real technical advancement in information security that they've seen in a long time."

Last modified: October 8, 1998
